Main menu

The Internet and The Law

I recently came across a status update posted by a good friend of mine. He posted, “the internet is built on hazy intellectual property laws”. My immediate thought was, “Well, no that’s not true”. Sometime between then and now came a realization that my friend’s status update had inspired me to sit down and blog a bit about how the internet and the law coexist.

If you can, I want you to put aside for the moment the notion that the internet may seem almost entirely a product of IP laws. Sure, IP is a big part of it, but there’s a lot more going on when it comes to talking law and the internet. I’m going to touch on some of the more subtle things going on with the internet and the law that may have been missed along the way.

Introduction: The Internet is the Perfect Vessel for Regulation, Yet We Don’t

The internet is unlike anything else out there when it comes to regulation; that is, the internet is uniquely capable of perfect and complete regulation. Unfortunately, it just may be that a lot of the so-called “haziness” associated with law on the internet is derived from our failure to use this existing infrastructure. In this section I’m going to discuss what I mean by “perfect and complete regulation”. What I’d like you to do as a reader is think about how offline society is very incapable of perfect and complete regulation.

The architecture of the internet allows us to shut down unwanted activity through programs or bots that are coded to respond to particular behavior. In executing its function, the program doesn’t question the morality of the unwanted activity. The program simply performs as it was coded and the activity ceases. Furthermore, regulation through a program or code can and often will result in the lack of need for a real person to monitor such undesirable behavior. Hence, this is the environment we’re dealing with: a place we can regulate flawlessly and even sometimes without living people.

In the United States, it is difficult for us to appreciate the ease with which our government could restrict content we receive through the internet, or how we interact with it. Yet, for the skeptics, in China there has been some dissent about this sort of government activity already taking place.

Despite the fact that a centralized governing body could meticulously regulate what we do on the internet with almost no marginal cost, for better or worse there is no such singular governing body in the United States. Instead, we have multifarious governing bodies for the internet – both public and private.

By way of illustration, I am presently governing this blog. If I don’t want any of you posting comments, I simply change a setting and it is so. Dream Host is governing my server. If I publish content that violates our contract, they can simply remove that content with similar ease. So, in many aspects of how we use the internet, we do see some of this peerless regulability being utilized.

I’ll even argue that when this sort of system architecture is the method for enforcing a certain manner of behavior, it genuinely can have the effect of making law on the internet next to pointless. Think about it like this: you’re not sued when you violate the terms of service for an application or website you use. Instead, the usual course of action is an internal remedy, such as ban placed on the account in violation of the terms. Thus, by using the architecture of the internet in this fashion, a private governing body manifested a very real charge and judgment against you without the need to ever resort to the formal legal system.

Of course, it’s the very freedom to select what it is we do and how we interact with the internet that compels the need for law. Our perfectly regulatable vessel has no single set of rules. Rather, what we’re left with are millions of independent private or public governments free to determine the fates of their users as is their pleasure.

Anonymity: A Problem for the Coexistence of the Internet and Law

One completely logical way to think about the relationship of the law to the internet is: the internet is an intangible world where you can do things. In the U.S. we are given the freedom to choose which things we do, regardless of whether they are physical or intangible things. Like in the physical world, in this intangible world we can choose to do good, neutral or bad things. If we do bad things and get caught, then, like in the physical world, we may face civil or criminal liability. So far, this is absolutely accurate and rational.

Here’s the major issue: the internet allows us to do good, neutral, or bad things with almost complete anonymity. On the internet, we are identified by our IP addresses, devices, or user names–all of which multiple people may have access to. I imagine some hypotheticals will quickly demonstrate the crux of what is at issue.

What happens if I have a 13-year-old daughter downloading $5,000 worth of pirated music in the next room, albeit unbeknownst to me? Maybe I’m a law abiding citizen who is always prudent about telling my children, “don’t download pirated music”. Will I still be the one subject to liability if all an enforcement agency has to go on is the IP address that pirated the music? Sure, I pay the bills for internet service, but the same IP address is assigned to five different devices in the home via a router. What about the fact that the hypothetical daughter is a minor, does that change anything?

Let’s change the situation slightly and say that my hypothetical 13-year-old daughter instead charged $5,000 worth of iTunes media on my credit card. She may have used my credit card, but perhaps she did so after creating her own account and affirming that she was 18, thus lying about her own capacity to be contractually bound in order to achieve the result of a purchase. What now? What if I never gave consent for her to do these things, does that even matter? How about the contractual terms between her and Apple, where she lied to Apple that she was 18? By law, she certainly does not have capacity to enter into a binding agreement. So does that mean they’ll still come after me to remit payment in the form of $5,000?

Indeed, the anonymity issue is quite prevalent in our online interactions. The following sections will hopefully answer most of those hypothetical questions. For now, however, I’d like you to consider how anonymity may pose a problem in each area of law particularly discussed below.

Law and the Internet: Online Contract Formation

A lot of our legal relationships formed over the internet arise from the agreements we assent to. For example, if you want to use the latest app or access some websites, doubtless you have encountered some form of digital contract to which you must agree before enjoying these services.

However, what if you didn’t read the contract? What if, even if you did read the contract, you didn’t really understand it? Or, what if you understood the agreement at the time, but later came to find that the contract you originally agreed to had changed without notice to you? Here are some basic guidelines to online contracts:

A Contract is a Contract – Online contracts still must satisfy the basic elements of offline contracts in order to be enforceable. For the sake of brevity, those elements are: (1) two or more parties; (2) those two or more parties are bargaining for valuable consideration (something of worth or forbearance to either side); and, (3) an offer and an acceptance between those two or more parties is both understood by the parties and reached.

Careful What You Click – A person assents to a contract when he/she manifests an intent to be bound through overt acts or words. In the context of online contracts, you are making an “overt act” by clicking on the boxes which probably say something like “you have read, understand and agree to the contract”.

Best Practices for Drafting – If you’re drafting an online contract or End User License Agreement (“EULA”), you want a mandatory (meaning absolutely everyone you offer the consideration to must agree to the contract terms, no exceptions), non-leaky (meaning your agreement cannot possibly be bypassed by anyone), click-through agreement (meaning your contract is the kind where a party must affirmatively click an “I agree to the terms” button). Ideally, your contract will also be written in such a way that it is easily understood (i.e., leave out the legalese when possible). Finally, as a drafter of an online agreement, be aware that you will be subject to the laws of any state where the internet reaches (i.e., all 50); thus, it is in your interest to forum shop for a state with favorable laws. For a more in-depth discussion on this particular topic, take a look at this article.

Illusory Provisions are Sure to Make the Contract Fail – Illusory provisions are those which appear to promise something, although in substance do not commit the one promising them. For example, if my contract states that I offer to buy something from you at X price “insofar as I want to,” this is illusory because I never have to buy anything from you unless I want to. Hence, I essentially promised you I will do what I want (which may be nothing at all in regard to the sale). Similarly, a provision is illusory if it creates a free way out for the promisor, or a unilateral ability for the promisor to terminate or change provisions of the agreement without notice to the other bound parties. To illustrate, if my contract contains a provision that I am able to change our agreement without notice to you, this is illusory because whatever I initially promised can change when I want it to. For a real-world example of how someone might attempt to do the latter, see Harris v. Blockbuster, Inc., 622 F.Supp.2d 396 (N.D. Tex. 2009).

Law and the Internet: Internet Pornography

Internet pornography may be a touchy subject for some folks. The purpose of this section will simply be to provide you with the briefest glimpse into the issues legislatures have faced in attempting to regulate pornography.

So, everyone knows there’s pornography out there on the internet, right? And I’m assuming I don’t need to get into a discussion of that being legal? If you were unaware, spoiler alert: internet porn is out there, despite a bunch of lobbying regarding its need to be censored.

In the realm of internet pornography, almost everything goes but child pornography. By child pornography, I mean the sort of thing depicting actual children (as opposed to actors claiming they’re whatever age) engaged in sexual conduct–basically something tantamount to actual sexual abuse of children.

The other major issue in internet pornography regulation involves underage minors’ ability to access pornographic content. Despite numerous rewrites to seemingly well-intended laws, legislatures have had a surprisingly difficult time drafting a constitutional set of guidelines on the matter.

The problem a State or Federal legislature faces when attempting to snuff out unwanted internet pornography is, essentially, the First Amendment of the United States Constitution.

Why the First Amendment? Well, in a nutshell, any law that attempts to regulate speech (even if that speech is porn, and even if the goal is to protect children from accessing it) must be damn carefully written in order to pass constitutional muster. The reason for this is that you can’t cut off an adult’s right to access speech in the name of protecting children. To wit, if in the name of protecting children you want to make it so that websites with pornographic content must be tagged a certain way to ensure that children can’t access these materials, the whole tagging part just interfered with an adult’s ability to access this material–this is unconstitutional.

If the notion of our First Amendment being a serious road block to protecting children from internet pornography is something upsetting to you, consider the following argument: What about a parent’s right to choose what sort of speech their child has access to? For example, nothing but moral judgment prevents a parent from buying their child a Playboy in the physical world. Hence, why should the internet be any different if the parent approves of their child accessing pornographic content?

Practically speaking, the Constitution is safeguarding the right of parents to make child-rearing decisions, no matter how questionable they may seem on their face. What you ought not consider is where your moral compass points on the particular issue of internet pornography. Rather, consider the effect of what happens if we allow lawmakers to write the rules of raising our children. If we open the door for them here, the door stays open, and we might not appreciate the Congress Guidebook to Raising Children.

In 2014 we’re seeing novel communication platforms being utilized like never before. It’s widely understood that social media websites such as Facebook and Twitter have significantly changed the way we exchange ideas with one another–we’re able to share our thoughts with thousands of “friends” or “followers” in seconds. Yet, despite the method of delivery, communication has always had the power to be pleasant or unpleasant.

Using social media, those seeking to criticize others before a massive audience may now do so instantaneously, employing minimal effort. So, if someone uses these new platforms to publish defamatory material about us, can we sue them? What about the social media websites, can we sue them for refusing to take the defamatory material down? I’ll break down the answer to these questions in several parts.

Defamation, Generally.

As would be if we wanted to bring an offline suit for defamation, we must first establish that we in fact have a case for defamation. Generally, the elements of defamation are as follows:

First, we obviously require some sort of defamatory statement, which is one that tends to injure or harm the reputation of the one alleging they have been defamed. Even if the statement is not defamatory on its face (i.e., not something like “Regina is a whore”), we can often use extrinsic facts to show that the message carried defamatory intent. An example of a statement that is not defamatory “on its face”, but still carries defamatory intent, may be something like: I tell you “Joe burned down his barn”, when I know that you know Joe had a lot of insurance on that barn. The innuendo here is that Joe burned down his barn to defraud the insurance company (e.g., although Joe had every right to burn down his barn, the statement was defamatory based on the innuendo).

Second, we require that the defamatory statement be published to a third person (i.e., it is not defamation if I say something nasty to you directly and we are alone, because there is no third person). Publication of the defamatory statement may be oral (“slander”) or written (“libel”).

Third, we require that the third person understand the statement to be of and concerning the plaintiff. This just means that if I tell you something about Joe, you knew I meant Joe your neighbor and weren’t confused about which Joe I could possibly mean. Joe your neighbor can’t be a plaintiff in a lawsuit against me for defamation if you didn’t understand my comment to mean Joe your neighbor (i.e., his reputation wasn’t harmed if you didn’t know I was talking about that particular Joe).

Finally, there must be damages. We could go on and on here, so in the interest of brevity I’ll simply tell you, “there must be damages”.

There’s a lot more to defamation law which largely depends on whether the person asserting defamation is a private entity, public figure, etc. Yet, the above elements give us plenty to work with for our purposes.

47 U.S. Code § 230 – “Who is Responsible and When?”

Title 47 of the U.S. Code, Section 230 sets some ground rules in defamation cases arising online. Section 230 tells us there is a distinction between “providers” and “users” of interactive computer services. Understanding what “providers”, “users”, and “interactive computer services” mean under this statute is crucial to your success in a cyber defamation case. The Electronic Frontier Foundation has written a great piece explaining these roles using the example of a blog.

Section 230(c)(1) provides the following immunity: “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider”. It’s worth explaining what this means because it’s a fairly sweeping immunity for a lot of potential parties to a defamation suit.

The above provision in 230(c)(1) tends to answer the question, “Can I sue Facebook for merely allowing something defamatory to be posted about me?” with an emphatic “No”. For the sake of argument, we can even take it a step further; let’s say a Facebook executive republished a status update that you assert defamed you, albeit the executive him/herself did not provide the original statement. Under Section 230, if the executive simply linked this material without editing or commenting on it, the executive is probably not going to be found liable because they did not actually “provide” the original defamatory publication. This immunity is in stark contrast to offline defamation law, where republication of a defamatory remark can potentially create contributory liability for he/she who republished it.

So, if we know we can’t go after the website or people who republish the remark (assuming the website or people did not materially add to/contribute content to this remark), who is left to sue if you believe you have a legitimate defamation claim? The person who provided the defamatory remark, and generally only that person. However, note here that depending on the interactive computer service in question, anonymity could potentially serve as an issue.

I would highly advise reading the Electronic Frontier Foundation’s compilation of key legal cases on point.

Law and the Internet: Intellectual Property

I don’t want to undermine the importance of IP on the internet, because it’s truly everywhere. However, this blog will continue to provide you with articles focused entirely on IP issues. Knowing this, my objective in writing this particular piece is to demonstrate how laws we may/may not be familiar with commingle with (or struggle in their attempt to commingle with) the internet.

Please visit this link if you are looking for a place to start regarding basic information on IP law. Alternatively, feel free to contact me directly if you desire a consultation on any IP issues.

Law and the Internet: Establishing Jurisdiction for Online Activity

Before lawsuits can begin, be their inception either online or offline, it must be established that a court has jurisdiction over the litigants. Naturally, this becomes trickier when the subject matter of a lawsuit involves content that people in virtually every country can access.

A helpful case to review on the point of internet jurisdiction is Toys “R” Us, Inc. v. Step Two, S.A., 318 F.3d 446 (3rd Cir. 2003). Toys “R” Us brought, among other claims, a trademark infringement action against Step Two, a Spanish company who was selling allegedly infringing merchandise online. Step Two listed its wares in non-U.S. currency and virtually had no sales of record to the U.S., other than two particular sales in New Jersey which were the result of Toys’ legal team buying such merchandise online. As you may have surmised, the question then became “Were those two sales to the United States enough to subject the Spanish company to the jurisdiction of a U.S. court?”

The court in Toys “R” Us went through quite a few tests to answer that question.

First, we ask (1) Did one “purposefully avail” oneself of the privilege of conducting activities within the forum state”, such that they would invoke the benefits and protection of that state; and (2) based on traditional notions of fair play and substantial justice, were their actions such that they should “reasonably anticipate being haled into court” in that forum state?

Let me attempt to explain what the above test is asking for. Let’s say I run a Texas business that sells widgets. I put my website up online and allow residents of Texas to buy my widgets. Since my business is incorporated in and thus protected by the laws of the State of Texas, I therefore have purposefully availed myself of the benefits and protection Texas has to offer. In this example, I should have more than a reasonable anticipation that my actions in conducting online business might end up with me in a Texas court one day.

However, Step Two was a Spanish company, so the above questions were not so easily answered in the Toys case.

So next, to help us answer if one “purposefully availed” oneself of conducting activities within the forum state, we can ask “What was the nature and quantity of the commercial activity online”? You can note that mere interactivity online is not enough to “purposefully avail” oneself of conducting activities. Yet, the more commercial activity you have online the closer you get to purposefully availing yourself.

Finally, and what the Toys case seemed to turn on, we can look at the “sufficient other related contacts”. In crude summary, this question basically asks, “What else may you have been doing in the U.S. so that we can say we have jurisdiction over you?” So, in the Toys case, although Step Two only made two sales to New Jersey residents, information arose that certain products being sold online by Step Two had been purchased at a New York toy fair. That’s the “what else” they may have been doing in the United States. Accordingly, jurisdictional discovery was granted to Toys “R” Us based on the need to see what sort of “sufficient other related contacts” Step Two had in the United States.

The several points to take away about a court obtaining jurisdiction over your online activity are these: (1) although “mere interactivity” is not enough, the more interactive your website, the stronger the case is for jurisdiction over your activities (i.e., think, “Am I actively soliciting business from this state in such a way that they could buy from me today if they wished to?”); (2) you do not necessarily need to make a sale to a person in a state to “purposefully avail” yourself of conducting activity there (i.e., if you have so-called “sufficient other related contacts” in that state that pertain to your business, you may be found to be conducting activities there such that subject you to its jurisdiction).

In Closing

The foregoing material just scrapes the surface of what we’re dealing with when law meets internet. By no means have I (nor could I have for the purpose of a blog piece) exhausted a topic section for all areas of the law you will encounter on the internet. New laws will certainly be created as the internet serves us up things in the coming years to which we presently haven’t imagined, or to novel challenges to which we will be coerced to answer.

What I hope I have done is shared a few pieces of insight into some of the most common questions I am asked in my capacity as an internet attorney. More, I hope I have acceptably responded to my friend’s statement regarding the internet being “built on hazy intellectual property laws”.

In closing, the way we interact with and comprehend the internet continues to compel our society to develop guidelines for our actions thereon. The internet is built on much more than IP laws alone. For the internet is a wonderful thing, but at times is dark and full of terrors. As such, we cannot even begin to address the vast number of issues we face, or will face in this evolving intangible world. Nonetheless, the law tends to find an answer to each occasion when it ought (and sometimes when it oughtn’t).